I have used Norton Internet Security for years and it has caught many viruses, trojans etc and is a top rated product by PC World magazine and others. You can get a three computer license.
I share a computer and we've caught viruses using Comodo and Norton 360. I called up Norton explaining we have a virus and they want $100 to help me use the system restore disk which is what I can do for myself for free. I used Combofix only to later see the virus staring at me. In fact, Norton took hours searching the computer and Malwarebytes found the culprit in a lot less time.
I think the problem is the Windows registry because it allows other programs to change the computer. The Commodore 64 didn't get any viruses because you couldn't change the ROM, and the whole push to put the operating system in RAM so that any rogue program can change it is fueling the market for anti-virus and anti-spyware products. A lot of viruses are caught from surfing the web and sites like Facebook, which is why your computer needs to operate in a sandbox to catch these intruders, which is why I think Malwarebytes has been the most effective program so far. I think Linux is good.
You need to follow safe computer practices. Don't download free games but read the agreements on these programs. Agreements that say you can't sue them for violating your privacy are suspicious to me because it sounds like spyware or adware. Some of these popular gaming sites put the free programs out.
I posted a warning about this virus 6 or 7 months ago. It's placed in an e-mail that looks legitimate, and it can take a few days before you realize the computer is infected.
The first sign is a bogus Windows or anti-virus pop-up in the lower right hand corner that says it's detected a virus, "Click Here" to fix the problem.
If you have NOT clicked on the "Click Here" to fix, you can do a system restore and get rid of the virus. If you have clicked on it, you're obviously on a different PC and you need to reformat the hard drive on the infected PC and start over. This sounds easy enough, but the problem is that you no longer have a CMD window to work in. Ya, it's all gone. The virus encrypts the registry files, making them useless.
I have some software that runs in RAM only. You'll have to download it on a working PC, burn it to CD and then set the boot to CD instead of the hard drive (on the infected PC). This will load the software and allow you to reformat the hard drive(s) and any partitions.
Another option is to buy a new hard drive and go from there with the recovery CD.
I don't run any anti-virus software for just this reason. They don't work. They slow the PC down, and they're the ones writing the viruses to start with. They're always in competition with each other. I don't want any part of it. My name is not on any customer list with one of these dirt-bag anti-virus companies.
I recommend running Windows Firewall and turning OFF automatic updates.
If you need the software, drop me a PM.
I'll do that dance one more time this weekend. But I'm hoping Malwarebytes works tonight to get her computer at least temporarily operational; for now, she's using my computer (ULP), and God only knows what she's clicking on...
The paid version is proactive but the free version is reactive. The paid version would have blocked the website in most instances.
I spent six hours on the phone with a Dell Technician from India before because my wife was working and when I first used Malwarebytes, it found the virus but when I rebooted, it had deleted a main file in Windows so it wouldn't boot. I didn't have an external case at the time so I paid $200 for the Dell technician because I wanted to save the files on the hard drive and I didn't want my wife getting fired for losing a lot of work so we didn't go for a clean reinstall. The computer was extremely slow and some Windows updates helped get remnants of the virus out. I replaced the hard drive over the holidays and both hard drives boot but the problem with the older hard drive was that the reinfections kept recurring because my wife has JAVA (an entry point for viruses) and it got to the point where the registry got corrupted and certain programs didn't work.
Dell computers are easy to fix these days because the service tag gives you the information from the website to order new hard drives, system restore disks and drivers. If you have an external case and an extra drive, you can save yourself a trip to the Geek Squad. There is no reason to pay tech support for something you can do yourself and I think it would cut down on the people who profit from putting junk on the web.
The other thing I did was remove the coin battery in the motherboard and put it back in to reset the settings in bios but if you do this then if the battery doesn't have enough of a charge, the motherboard won't boot without a new battery. The computer has never been so fast.
Erco, there are also articles on the web which teach you how to back up your email in Outlook Express.
When the "windows XP restore" dialog box pops up, Remember that CTRL + ALT + DELete is your friend...
Don't touch any part of that window, and use ctrl+alt+del to "end the task."
I get lots of fun stuff sent to my "baiting" computer all the time. It has been sullied on many occasions.
Malwarebytes has worked for me every time.
This is a good reason not to use a Windows computer for email. All of my email comes to kmail on a Linux box, which I read via my iMac through an X11 ssh client. Windows never, ever gets to touch an email.
@Tracy: Phew! With your help, I think we dodged a bullet on this one. I used the 4 programs you recommended in order. MalwareBytes found 10 trojans & deleted them, then SuperAntiSpyware found & deleted 646 adwares. Combofix next, and I was WORRIED. It had a funky DOS display and worked very slowly without any user interface to control (pause & abort). It listed all the files it deleted, then all the folders, most of which looked useful, like C:\Documents & Settings\Default User\Windows and such. I feared that I got hijacked again and it was systematically deleting critical Windows (UGH) files. It took a LONG time, but after it finished, the desktop magically reappeared, along with all the missing files. I finished with CCleaner, which deleted even more files, and found & fixed others in the registry. So far, it looks like we're back in business. Many thanks to Tracy and everyone for their assistance & recommendations!
Yep, we'll plan on a fresh reinstall in the near future. Her data is backed up, we're just swamped with other things right now. Hopefully this will last a week or two!
I have both Linux and Win on my machines.
Win because I need it to run various apps.
I mainly connect to the web using Linux.
I only browse the web using the Tor Browser. This is mainly to give
me an encrypted Wifi link from my laptop and netbook to the various
public and mil access points I use. The drawback is the max speed of
about 60kbps..groan
I always keep recent backup images of my HD partitions using Paragon's
free Backup & Recover...if anything goes wrong I can just restore everything
to a recent clean state. http://www.paragon-software.com/home/br-free/
I encrypt my HD using the free TrueCrypt software..it's hard encryption.
Don't write the passphrase down...don't use a weak passphrase. http://www.truecrypt.org/
My USB ports are disabled...this way a random USB thumb drive or whatever
cannot be inserted and mess things up. I have to run a piece of software I wrote
to enable the USB if I want to use it.
Reminds me of when I was younger in my parents' house. My brother wanted to send some emails. Dad said, "You can use my computer under the condition you DO NOT INSTALL A-N-Y-T-H-I-N-G", furthermore "If a window pops up, you click the X and nothing else.... GOT IT!?"
Sure dad, whatever.
So dad comes home about an hour and a half later, the computer is on, my brother nowhere to be found, and there is a naked chick dancing on the screen. It was a cool virus, but the cleanup was not pretty.
Reminds me of when I was younger in my parents' house. My brother wanted to send some emails. Dad said, "You can use my computer under the condition you DO NOT INSTALL A-N-Y-T-H-I-N-G", furthermore "If a window pops up, you click the X and nothing else.... GOT IT!?"
Some of these viruses can only be closed with Control-ALT-DELETE because I think they have their own "X".
Malwarebytes gives you the I.P. so you can block the sites as well. But thank you for that information because it completes more of the picture that I didn't know.
Erco, congratulations on the exorcism. I hope that it really got rid of that devil, so far so good on mine, but this thread has certainly brought up cause for disquiet. I'll be running the suite of anti-infection programs more often now and trust that the guru-geeks who write those programs can keep in step with the parasites.
Computer viruses are the direct equivalent of terrorists. Just one can cause a lot of senseless damage, and their existence and persistence costs everyone time, effort, and dollars.
Just curious, how would it destroy the hard drive?
It took files, broke them apart, then scattered the pieces all over the drive in different places. It also changed the file names. The hard drive restoration company attempted to piece back together the files based on where the pieces were distributed but most of the work was futile. I think the antivirus program that was a virus scam used a code of de-convolution. There was also some talk about how it changed some of the formatting.
In general you want to use at least two independent anti-virus programs. The hope is that they both would be capable of converging on the problem, but if one fails the other would hopefully be able to take up the slack. Obviously the more the better because you are increasing your odds of preventing a future attack, but be warned, some anti-virus programs don't play nice with each other and see each other as a threat.
A point well made! The problem I later ran into was virus programs continue to identify perfectly good files as viruses, and some virus programs make all the decisions for you, resulting in deletion of ultimately important files.
Frankly, I found that Norton and Symantec products would NOT play nice with a second similar program - especially System Mechanic. I spent a couple of years with the two locked in battle and found that getting rid of the more expensive Norton/Symantec product requires seeking outside help (search for "Kill Norton") as they wouldn't at that time tell you how to completely remove it with any clarity.
Since my security and registry clean up scans were always failing, it was easier just to move to Linux. One begins to feel like M$ products are for deep pocketed chums as one always has to seek outside help to optimize the OS. They have been in business since 1975, it is about time that their corporate culture and acumen should be able to put out a complete stable OS. But even Windows 7 requires outside software and Norton seems to have paid a hefty premium to attach itself as the AV and system repair of first choice.
Consider browsing in a virtual machine. I've got one setup that has most things needed, and when I'm exploring the net, I fire it up, and if it gets hammered, just roll back to a snapshot, no worries.
In general you want to use at least two independent anti-virus programs. The hope is that they both would be capable of converging on the problem, but if one fails the other would hopefully be able to take up the slack. Obviously the more the better because you are increasing your odds of preventing a future attack, but be warned, some anti-virus programs don't play nice with each other and see each other as a threat.
Back when I was running more than one peecee, each had Norton Corporate AV, Adaware and Spy-Bot Search & Destroy installed. Only had one "bug" slip through and that was from doing something... um, "ill advised". (The word stupid just has an ugly sound to it! :-> )
I've a retired military friend here that works as a consultant for his ex-corporate employer and uses one of several free copies of Norton Corporate AV that he has on hand and swears by it.
But of course the problem is that the rest of us are just treated as rather fat cash cows and handed less perfect product. Why is it that corporate versions are superior to consumer product?
Am I the only one here who has switched to web-based email? Eliminates a lot of problems, viruses, tons of online storage, and everything stored is always available from any computer.
I've been using web-based e-mail for several years now. I like it, but there are two downsides to consider. If your provider goes out of business you'll lose your e-mail address, contacts, and old e-mails. Web mail can be snooped by your provider, but frankly your ISP can do that with regular e-mail too.
Google's Chrome browser has a list of web sites that are hosting malware based upon their web search result. So when you click on a link to one of those sites Chrome gives you a warning. You can choose to ignore it and go on, or not follow the link.
The two above changes will reduce your attack surface considerably.
In those few cases where you want to go to a site that may host malware, here are two safe ways to do it. Surf the web in a Linux virtual machine, as the malware will be unlikely to infect the guest OS, and if it does it won't be able to go anywhere. Reboot your computer off read only media with a Linux distribution like Puppy Linux.
I definitely throw my vote in the "use webmail" camp. I've had a provider go out of business on me but that's unlikely to happen with Google, Yahoo, or Hotmail. You can get to your mail -- including your infinite archive -- from any computer, and they have more resources than any ISP to keep spam and malware filters up to date.
I'm a big fan of Google's mail server as well. It's pretty easy to setup "official" email addresses which dump into gmail, and then send mail "as" from Google's system. This way if Google is ever not the best option, I can move to whatever is. So far, 6 years later.. I'm still using it.
If there are people that you worry might not be able to contact
you at any time in the future then do what I do. I concocted a
very unique string of text that I append to emails sent to people
that are important to me. I also add it to the initial comments in
my source code so that someone wanting some info can contact me
no matter what happens to my email addresses. They can use a
search engine to find me...all I have to do is put the string up on
a blog or web page. As long as the phrase does not appear in a
million places across the web then you will be easy to find. You can't
be posting the phrase just anywhere since each instance will work
against you.
I also use the usenet servers spread out across the globe to archive
all sorts of important data. With the price of storage going down all the
time the major usenet providers are not going to let a binary expire
any more. I usually append my data to images/avi files with a passphrase
to decrypt the data. With my most important data stored in multiple
server farms I am safe from a disaster like a house fire or whatever.
There's just no way that data is going to vanish. It costs to download
from a usenet service but it's always free to upload. I could move about
20GB/day onto usenet if I needed to...anyone could if they have a good
upstream speed.
I also save par recovery files onto usenet.... that way I can rebuild a corrupted
data DVD by downloading only enough pars to recover it and no more. It's
efficient and in the worst case you can download the entire set and totally recreate
the disk.
You would not believe all the types of data I have stored off site, or where some
of it is being stored. Not all of it is in the google image archive or usenet. There
are few things worse than losing a bunch of important data...we have all been there
and done that.
Am I the only one here who has switched to web-based email? Eliminates a lot of problems, viruses, tons of online storage, and everything stored is always available from any computer.
So far anyway.
We still get unexplained email from people we know that will have a link that doesn't make any sense so we assume their email is infected or someone is using an address like them because they are either snooping on the servers or they have someone else's email address but I don't bother to look at the headers to see if it is really them or not because I just delete them.
Another mode of security is to delete your temporary internet files and delete cookies because you are leaving a trail and programs behind you.
I used to keep my backups on CD because they were write only and couldn't get infected. Then one day a CD failed so I use thumb drives. SD cards can be inserted into card readers that look like thumb drives and some SD cards have a lock so you can make them un-writeable but this can be an expensive option.
I think the key is to use and keep secondary backups so all isn't lost when you experience a virus.
One of the problems is sharing computers with people and with the web. I believe that some systems should be closed to or limited from the web to keep them from being compromised. And a computer connected to the web shouldn't have anything on it worth stealing. You probably should look into options on encrypting your hard drive or using secondary storage (USB hard drives) as main (secondary) storage because you can turn them off while surfing the web or using email.
A source of spam comes from offers and lending your email to people who shouldn't have it. Companies have their records exploited and then someone nefarious starts calling my house. I don't allow solicitations over the phone because I can't check the identity of people whom I can't see. Google voice gives people the ability to trick others.
Once you get a virus, you should probably change your email address if possible so you can't be followed on the web. Free offers and chain mail are just for people who want to harvest your email addresses because there is no guarantee you will get a free offer. You're basically trusting people whom you don't know and who don't care about you with your email address.
I used to keep my backups on CD because they were write only and couldn't get infected. Then one day a CD failed so I use thumb drives. SD cards can be inserted into card readers that look like thumb drives and some SD cards have a lock so you can make them un-writeable but this can be an expensive option.
I store my recovery files both on site and off site.
Cheaper and sturdier than thumb drives. A thumb
drive can fail. A percentage of your data DVDs will
fail but it's ok if you have recovery files for them so
you can rebuild the damaged sectors.
Comments
Don't touch any part of that window, and use ctrl+alt+del to "end the task."
I get lots of fun stuff sent to my "baiting" computer all the time. It has been sullied on many occasions.
Malwarebytes has worked for me every time.
-Phil
Congratulations.
Make sure to keep an eye on it. There are IT professionals that remove viruses and say they come back because they're never really gone.
Chuck
You need to use one of the Linux repair tools disks to repair the HD and/or
pull valuable data from it.
http://www.junauza.com/2010/07/hard-drive-data-recovery-tools.html
http://winhelp2002.mvps.org/hosts.htm
Back when I was running more than one peecee, each had Norton Corporate AV, Adaware and Spy-Bot Search & Destroy installed. Only had one "bug" slip through and that was from doing something... um, "ill advised". (The word stupid just has an ugly sound to it! :-> )
Amanda
Google's Chrome browser has a list of web sites that are hosting malware based upon their web search result. So when you click on a link to one of those sites Chrome gives you a warning. You can choose to ignore it and go on, or not follow the link.
The two above changes will reduce your attack surface considerably.
In those few cases where you want to go to a site that may host malware, here are two safe ways to do it. Surf the web in a Linux virtual machine, as the malware will be unlikely to infect the guest OS, and if it does it won't be able to go anywhere. Reboot your computer off read only media with a Linux distribution like Puppy Linux.
OBC
HollyMinkowski said: This happens a lot. (insert link) I have been "outed" more than once. Some folks just love search engines.
-Tommy
I use DVDISASTER.
http://dvdisaster.net/en/
I store my recovery files both on site and off site.
Cheaper and sturdier than thumb drives. A thumb
drive can fail. A percentage of your data DVDs will
fail but it's ok if you have recovery files for them so
you can rebuild the damaged sectors.